| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-06-19 | convert CRYPTO_memcmp to timingsafe_memcmp based on current policy favoring | Ted Unangst | |
| libc interfaces over libcrypto interfaces. for now we also prefer timingsafe_memcmp over timingsafe_bcmp, even when the latter is acceptable. ok beck deraadt matthew miod | |||
| 2014-06-17 | ssl_session_cmp is not a sort function, can use CRYPTO_memcmp here too. | Ted Unangst | |
| 2014-06-13 | Add an SSL_AEAD_CTX to enable the use of EVP_AEAD with an SSL cipher. | Joel Sing | |
| Read and write contexts are also added to the SSL_CTX, along with supporting code. Based on Adam Langley's chromium diffs. Rides the recent SSL library bump. | |||
| 2014-06-13 | Remove support for the `opaque PRF input' extension, which draft has expired | Miod Vallat | |
| 7 years ago and never made it into an RFC. That code wasn't compiled in anyway unless one would define the actual on-the-wire extension id bytes; crank libssl major. With help and enlightenment from Brendan MacDonell. | |||
| 2014-06-12 | tags as requested by miod and tedu | Theo de Raadt | |
| 2014-06-07 | More KNF. | Joel Sing | |
| 2014-05-31 | Some KNF and fix the vairable spelling. | Joel Sing | |
| 2014-05-31 | More manual OPENSSL_NO_EC and OPENSSL_NO_TLSEXT cleanup. | Joel Sing | |
| 2014-05-31 | unifdef -UDOXYGEN and manually remove the few doxygen comments that are not | Joel Sing | |
| wrapped in #ifdef DOXYGEN... Requested by miod@ | |||
| 2014-05-31 | ECDH and ECDSA will not work overly well if there is no EC, so unifdef | Joel Sing | |
| OPENSSL_NO_EC. ok tedu@ | |||
| 2014-05-31 | TLS would not be entirely functional without extensions, so unifdef | Joel Sing | |
| OPENSSL_NO_TLSEXT. ok tedu@ | |||
| 2014-05-30 | remove some #if 0 code. we don't need any more reminders that we're using | Ted Unangst | |
| a not quite appropriate data structure. ok jsing | |||
| 2014-05-30 | Make use of SSL_IS_DTLS, SSL_USE_EXPLICIT_IV, SSL_USE_SIGALGS and | Joel Sing | |
| SSL_USE_TLS1_2_CIPHERS. Largely based on OpenSSL head. | |||
| 2014-05-29 | Any sane platform has stdio. Stop pretending we will ever use a platform | Bob Beck | |
| that does not. "fire bomb" tedu@ | |||
| 2014-05-29 | no space before label | Ted Unangst | |
| 2014-05-29 | consistent braces | Ted Unangst | |
| 2014-05-29 | unidef DH, ECDH, and ECDSA. there's no purpose to a libssl without them. | Ted Unangst | |
| ok deraadt jsing | |||
| 2014-05-29 | Make it substantially easier to identify protocol version requirements | Joel Sing | |
| by adding an enc_flags field to the ssl3_enc_method, specifying four flags that are used with this field and providing macros for evaluating these conditions. Currently the version requirements are identified by continually checking the version number and other criteria. This change also adds separate SSL3_ENC_METHOD data for TLS v1.1 and v1.2, since they have different enc_flags from TLS v1. Based on changes in OpenSSL head. No objection from miod@ | |||
| 2014-05-29 | When you have functions that perform specific functions, use them. | Joel Sing | |
| EVP_CIPHER_CTX_free() does a NULL check, then calls EVP_CIPHER_CTX_cleanup() and frees the memory. COMP_CTX_free() also had its own NULL check, so there is no point in duplicating that here. ok beck@ | |||
| 2014-05-28 | EVP_MD_CTX_create() calls malloc and can return NULL. However, only one of | Joel Sing | |
| the calls in libssl actually checks the return value before using it. Add NULL checks for the remaining three calls. ok miod@ | |||
| 2014-05-28 | There is no point in checking if a pointer is non-NULL before calling free, | Joel Sing | |
| since free already does this for us. Also remove some pointless NULL assignments, where the result from malloc(3) is immediately assigned to the same variable. ok miod@ | |||
| 2014-05-25 | remove unused shit. from Alexander Schrijver | Ted Unangst | |
| 2014-05-25 | Remove TLS_DEBUG, SSL_DEBUG, CIPHER_DEBUG and OPENSSL_RI_DEBUG. Much of | Joel Sing | |
| this is sporadic, hacked up and can easily be put back in an improved form should we ever need it. ok miod@ | |||
| 2014-05-24 | I'm so sorry to learn that the Diab compiler can't (or used not to) parse C | Miod Vallat | |
| code. Remove workaround. | |||
| 2014-05-24 | Use C99 initialisers for SSL3_ENC_METHOD structs. | Joel Sing | |
| ok miod@ | |||
| 2014-05-22 | Stop including kssl_lcl.h and nuke it from orbit - it is a no-op now. | Joel Sing | |
| ok beck@ miod@ | |||
| 2014-05-05 | Remove SRP and Kerberos support from libssl. These are complex protocols | Ted Unangst | |
| all on their own and we can't effectively maintain them without using them, which we don't. If the need arises, the code can be resurrected. | |||
| 2014-05-02 | Nuke OPENSSL_NO_SOCK since any half sane operating system has sockets. | Joel Sing | |
| ok beck@ | |||
| 2014-04-24 | More KNF, things that couldn't be verified with md5(1), and some whitespace | Ryan Thomas McBride | |
| I missed on the first go around. | |||
| 2014-04-24 | KNF | Ryan Thomas McBride | |
| 2014-04-21 | more malloc/realloc/calloc cleanups; ok beck kettenis | Theo de Raadt | |
| 2014-04-20 | Chop off more SSLv2 tentacles and start fixing and noting y2038 issues. | Philip Guenther | |
| APIs that pass times as longs will have to change at some point... Bump major on both libcrypto and libssl. ok tedu@ | |||
| 2014-04-19 | More KNF and style consistency tweaks | Philip Guenther | |
| 2014-04-17 | whack a bunch of disabled code. ok beck lteo | Ted Unangst | |
| 2014-04-17 | always build in RSA and DSA. ok deraadt miod | Ted Unangst | |
| 2014-04-17 | kill REF_PRINT/REF_CHECK debugging framework noone would use | Theo de Raadt | |
| ok miod | |||
| 2014-04-17 | Change library to use intrinsic memory allocation functions instead of | Bob Beck | |
| OPENSSL_foo wrappers. This changes: OPENSSL_malloc->malloc OPENSSL_free->free OPENSSL_relloc->realloc OPENSSL_freeFunc->free | |||
| 2014-04-16 | TANSTAAFL - delete the buf freelist code. if you need a better malloc, get | Ted Unangst | |
| a better malloc. ok beck deraadt | |||
| 2014-04-16 | add back SRP. i was being too greedy. | Ted Unangst | |
| 2014-04-16 | disentangle SRP code from TLS | Ted Unangst | |
| 2014-04-16 | Kill the bogus "send an SSLv3/TLS hello in SSLv2 format" crap from | Philip Guenther | |
| the SSLv23_* client code. The server continues to accept it. It also kills the bits for SSL2 SESSIONs; even when the server gets an SSLv2-style compat handshake, the session that it creates has the correct version internally. ok tedu@ beck@ | |||
| 2014-04-15 | remove FIPS mode support. people who require FIPS can buy something that | Ted Unangst | |
| meets their needs, but dumping it in here only penalizes the rest of us. ok miod | |||
| 2014-04-14 | First pass at applying KNF to the OpenSSL code, which almost makes it | Joel Sing | |
| readable. This pass is whitespace only and can readily be verified using tr and md5. | |||
| 2014-04-14 | remove last vestiges of OPENSSL_SYS_XXX from src/ssl | Bob Beck | |
| ok deraadt@ | |||
| 2014-04-13 | Merge conflicts; remove MacOS, Netware, OS/2, VMS and Windows build machinery. | Miod Vallat | |
| 2012-10-13 | resolve conflicts | Damien Miller | |
| 2012-01-05 | OpenSSL 1.0.0f: merge | Damien Miller | |
| 2011-11-03 | openssl-1.0.0e: resolve conflicts | Damien Miller | |
| 2010-10-01 | resolve conflicts, fix local changes | Damien Miller | |
| 2009-04-06 | resolve conflicts | Damien Miller | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |